PHP Programming Upgrades

Changes In Store For PHP V6

An anonymous reader sends in an IBM DeveloperWorks article detailing the changes coming in PHP V6 — from namespaces, to Web 2.0 built-ins, to a few features that are being removed.
  • by Anonymous Coward on Sunday May 11, 2008 @06:39PM (#23372296)
    People USE Unicode?! Back when I was a youngin' we used ASCII and LIKED IT!
  • by New Here ( 701369 ) on Sunday May 11, 2008 @07:06PM (#23372474)
    I'm New Here
  • by Anonymous Coward on Sunday May 11, 2008 @07:49PM (#23372728)

    I find PHP incredibly expressive

    You will benefit greatly from learning another language. Pretty much every modern language is more expressive than PHP. Even VBScript*.

    * Little known fact: a lost appendix to the Bible mentions that VBScript is actually the fifth horseman of the apocalypse.

  • by chromatic ( 9471 ) on Sunday May 11, 2008 @08:33PM (#23372958) Homepage

    PHP doesn't have any weird syntax... It's just a really clean, lightweight OO language.... as a language, it ... isn't a kitchen sink like Perl.

    Did you have to shower after writing this? Did you at least burn the keyboard?

  • So does this mean that if you are using magic quotes and you upgrade to PHP6, suddenly you will become vulnerable to SQL injection attack?

    Of course not! Since no one has been stupid enough to directly insert submitted strings into SQL before sending it to the server for at least 5 years now, this won't affect any modern code in the slightest.

  • by chromatic ( 9471 ) on Sunday May 11, 2008 @11:29PM (#23374128) Homepage

    It's the only way to be sure.

  • by NetCow ( 117556 ) on Monday May 12, 2008 @01:14AM (#23374722)

    Well, at least the sample code has clearly been written by a PHP expert. For example, a newbie would write something like

    function is_authorized() {
        return isset($_SESSION['user']);
    }

    and get paid for just three measly lines of code.

    Thank $deity Nathan A. Good (mail@nathanagood.com), Senior Information Engineer, Consultant stepped in and corrected this to

    function is_authorized() {
        if (isset($_SESSION['user'])) {
            return true;
        } else {
            return false;
        }
    }

    Go, consultant-written code, go!

  • by Hognoxious ( 631665 ) on Monday May 12, 2008 @10:07AM (#23377550) Homepage Journal

    I really despise this kind of post, where each sentence is torn apart and commented on separately;
    That would be a lot easier if you actually wrote proper sentences.

    usually with a sarcastic and snotty tone to it.
    See what I mean?

    In my opinion,
    Which we all totally care about.

    it's just high brow trolling
    I find it quite amusing.

    and makes the poster look like a right dick.
    I know you are but what am I?
  • by 615 ( 812754 ) on Monday May 12, 2008 @11:46AM (#23378952)

    Actually, undoing magic_quotes is quite a bit more involved. Some things to consider:

    • magic_quotes affects more than just GET, POST and cookie data
    • GPC data may contain arrays
    • magic_quotes doesn't process the keys of top-level arrays

    Here's an excerpt from my personal library that addresses these issues and more. It works in PHP 4+ (I forget which minor version). Just give me some credit if you use it!

    // magic_quotes_runtime is _like_ magic_quotes_gpc/sybase, except that it
    // applies to return data (from functions)
    ini_set('magic_quotes_runtime', '0');

    // magic_quotes_gpc/sybase cannot be preempted like magic_quotes_runtime; if
    // either is enabled, the damage is already done
    if (ini_get('magic_quotes_gpc') === '1' || ini_get('magic_quotes_sybase') === '1') {
        /**
         * @author Adam Siler <amsiler@icglp.com>
         * @param mixed $value
         * @param bool $top
         * @return mixed
         */
        function undo_magic_quotes($value, $top = true) {
            // unescape strings
            if (is_string($value)) {
                // stripslashes is magic_quotes_sybase-aware
                return stripslashes($value);
            }
            // recurse into arrays
            elseif (is_array($value)) {
                // as described here: <http://us.php.net/manual/en/security.magicquotes.disabling.php#71817>,
                // magic_quotes_gpc (sybase?) does not escape the keys of top-level
                // arrays

                $unescaped_array = array();

                foreach ($value as $key => $array_value) {
                    if (!$top) {
                        $key = stripslashes($key);
                    }

                    $unescaped_array[$key] = undo_magic_quotes($array_value, false);
                }

                return $unescaped_array;
            }
            // return other values unaltered
            else {
                return $value;
            }
        }

        $_GET = undo_magic_quotes($_GET);
        $_POST = undo_magic_quotes($_POST);
        $_COOKIE = undo_magic_quotes($_COOKIE);
        $_REQUEST = undo_magic_quotes($_REQUEST);
        $_ENV = undo_magic_quotes($_ENV);
        // etc.

        // other scripts may check the value of magic_quotes_gpc or
        // magic_quotes_sybase and conclude, incorrectly, that GPC data is escaped.
        // this should fix that
        ini_set('magic_quotes_gpc', '0');
        ini_set('magic_quotes_sybase', '0');
    }
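
An added example, not part of the thread or of any poster's library: it shows why request data should be unescaped and then passed as bound parameters, which is the safe path once magic quotes are removed. It assumes the pdo_sqlite extension is available; the `users` table, the helper names `add_user`/`get_name` and the sample name are constructed for illustration.

```php
<?php
// Added example (hypothetical table, helpers and sample data; requires pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');

/** Store a name with a bound parameter; the value never becomes SQL text. */
function add_user(PDO $db, $name) {
    $stmt = $db->prepare('INSERT INTO users (name) VALUES (:name)');
    $stmt->execute(array(':name' => $name));
    return (int) $db->lastInsertId();
}

/** Read a name back by id, again with a bound parameter. */
function get_name(PDO $db, $id) {
    $stmt = $db->prepare('SELECT name FROM users WHERE id = :id');
    $stmt->execute(array(':id' => $id));
    return $stmt->fetchColumn();
}

$raw   = "O'Brien";          // what the user typed (constructed sample)
$magic = addslashes($raw);   // what magic_quotes_gpc would have delivered

// 1. Raw value + bound parameter: stored and returned unchanged.
$id = add_user($db, $raw);
var_dump(get_name($db, $id) === $raw);

// 2. Escaped value + bound parameter: the backslash is stored as data,
//    so code written for magic quotes corrupts input if left as-is.
$id = add_user($db, $magic);
var_dump(get_name($db, $id));

// 3. Unescaping first (what undo_magic_quotes() does per string) restores it.
$id = add_user($db, stripslashes($magic));
var_dump(get_name($db, $id) === $raw);

// 4. Raw value concatenated into the SQL text: the apostrophe ends the string
//    literal early, so the user's data is parsed as SQL and the statement fails.
try {
    $db->exec("INSERT INTO users (name) VALUES ('" . $raw . "')");
    echo "concatenated insert succeeded\n";
} catch (PDOException $e) {
    echo "concatenated insert failed: ", $e->getMessage(), "\n";
}
```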
